package com.igd.security.filter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;

import com.igd.security.token.UsernamePasswordWithChceckCodeToken;

/**
 * @version 1.0
 * 
 * @author QIAOYU
 * 
 * @date 2013-6-20
 * 
 * @description shiro表单验证过滤器扩展,添加对验证码的处理
 */

public class FormAuthenticationCaptchaFilter extends FormAuthenticationFilter {

	/** 定义验证码属性名称 */
	private static final String DEFAULT_CAPTCHA_PARAM = "captcha";

	private String captchaParam = DEFAULT_CAPTCHA_PARAM;

	/**
	 * 获取验证码属性名
	 * 
	 * @return String
	 */
	public String getCaptchaParam() {

		return captchaParam;

	}

	/**
	 * 获取验证码值
	 * 
	 * @param request
	 * 
	 * @return
	 */
	protected String getCaptcha(ServletRequest request) {

		return WebUtils.getCleanParam(request, this.getCaptchaParam());

	}

	protected AuthenticationToken createToken(ServletRequest request,ServletResponse response) {

		String userName = getUsername(request);

		String passWord = getPassword(request);

		boolean rememberMe = isRememberMe(request);

		String captcha = this.getCaptcha(request);

		String host = getHost(request);

		return new UsernamePasswordWithChceckCodeToken(userName,passWord.toCharArray(), rememberMe, host, captcha);

	}
}
